package net.xju.controller;


import net.xju.common.framework.simplemvc.RequestMapping;
import net.xju.common.utils.ResponseUtil;
import net.xju.entity.User;
import net.xju.service.UserService;
import net.xju.service.impl.UserServiceImpl;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;


@RequestMapping("/user")
public class UserController {
    private UserService userService = new UserServiceImpl();

    // 用户注册
    @RequestMapping("/register")
    public void register(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        String username = req.getParameter("username");
        String password = req.getParameter("password");
        String email = req.getParameter("email");

        if (username == null || password == null || email == null) {
            ResponseUtil.writeError(resp, "Missing parameters");
            return;
        }

        User user = new User();
        user.setUsername(username);
        user.setPassword(password);
        user.setEmail(email);
        user.setRole("user");

        boolean success = userService.register(user);
        if (success) {
            ResponseUtil.writeSuccess(resp, "Registration successful");
        } else {
            ResponseUtil.writeError(resp, "Username or email already exists");
        }
    }

    // 用户登录
    @RequestMapping("/login")
    public void login(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        String username = req.getParameter("username");
        String password = req.getParameter("password");

        if (username == null || password == null) {
            ResponseUtil.writeError(resp, "Missing parameters");
            return;
        }

        User user = userService.login(username, password);
        if (user != null) {
            // 登录成功，将用户信息存入Session
            req.getSession().setAttribute("user", user);
            ResponseUtil.writeSuccess(resp, "Login successful");
        } else {
            ResponseUtil.writeError(resp, "Invalid username or password");
        }
    }

    // 用户注销
    @RequestMapping("/logout")
    public void logout(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        req.getSession().invalidate();
        ResponseUtil.writeSuccess(resp, "Logged out successfully");
    }

    // 管理员删除用户
    @RequestMapping("/delete")
    public void deleteUser(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        // 检查用户权限
        User currentUser = (User) req.getSession().getAttribute("user");
        if (currentUser == null || !"admin".equals(currentUser.getRole())) {
            ResponseUtil.writeError(resp, "Permission denied");
            return;
        }

        String userId = req.getParameter("id");
        if (userId == null) {
            ResponseUtil.writeError(resp, "Missing user ID");
            return;
        }

        boolean success = userService.deleteUser(Integer.parseInt(userId));
        if (success) {
            ResponseUtil.writeSuccess(resp, "User deleted successfully");
        } else {
            ResponseUtil.writeError(resp, "Failed to delete user");
        }
    }
}
